Hackers use Google to find website vulnerabilities

Agence France Presse ^ | Feb 22, 2008

[george76]

Infamous computer hacker group Cult of the Dead Cow (CDC) said Friday it is offering a software tool that lets people use Google to scan websites for security flaws.

CDC says a "Goolag Scanner" program based on work done by a hacker using the name "Johnny I Hack Stuff" is available for free download at its website.

The tool lets people with fundamental programming skills check websites or Internet domains for weaknesses that could be exploited by hackers, according to CDC.

The group said it uncovered "some pretty scary holes" through random tests of the tool in North America, Europe, and the Middle East.

Computer security specialists warn people to make certain any programs they download onto their computers don't contain malicious code.

Hackers routinely try to trick people into installing programs that then take over machines or mine them for passwords, financial accounts, or other valuable information.

[george76]

Cult of the Dead Cow (CDC)

[Southack]

Hacker names were cooler in the 1980’s. Think: Farmers of Doom.

[AnotherUnixGeek]

Nice, hopefully site admins will make use of tools like this to find and remove security holes in their sites.

[AnotherUnixGeek]

Hacker names were cooler in the 1980’s. Think: Farmers of Doom.

Pretty sure CDC has been around since the '80s.

[Fiddlstix]

Crazy bunch they are. Years ago they had an IRCd running. I don't know about now.
I went there once to check it out. Reading their /MOTD was enough for me. Never went back.
Bad bunch.

[JerseyHighlander]

Locating the flaws individually through Google has been around for years, lots of locations offer the individual search queries to find the vulnerabilities.

Don’t consider this as anything more than a small escalation of a long running cat and mouse game.

[FunkyZero]

Wow.
CDC has been around for a long time. I thought they disbanded years ago.
I actually know one of he old members who went but “Sid Vicious” (well, I knew him online via IRC in the early days). He disappeared years ago or so I thought. They are in some part responsible for the heavy push really early on with the MP3 format. They didn’t invent it or anything, but they were a big part in it’s popularity in the first days.

[SpaceBar]

Times have changed since these black hats were picking zits and decompiling code. Nowadays with terrorist threats and international electronic corporate espionage, circumventing cyber-security can get you many years in the big house. Ain’t Kevin Mitnick’s playground anymore.

[meanie monster]

lol, I have heard of “Johnny I Hack Stuff” He has a site called g2p.org that lets you get mp3’s thru a proxy using search terms. Copy and paste this search in google........intitle:index.of +”last modified” +”parent directory” +(mp3|wma|ogg) +”Pink Floyd” -htm -html -php -asp......

[xtinct]

SwampRatty used to be numero uno at CDC in the late 80s and 90s

[JimRed]

Lynch all hackers...NOW!

[USF]

How-to find interesting video, sound and image files in unprotected directories:

http://www.googletutor.com/2005/04/15/voyeur-heaven/

[SunkenCiv]

Thanks george76.

http://www.cultdeadcow.com/

http://www.goolag.org/
http://www.goolag.org/download.html

http://www.secguru.com/link/goolag_scanner

[DBrow]

Go to a known hacker site and download something?

Makes sense to me!

[meanie monster]

Thank you...

[Syncro]

Pretty cool scam

Go to a hackers site

Hmmmm, good idea

Fresh meat for the hacker

No thanks

[meanie monster]

Searching google does not make you a hacker.

[gitmo]

Dead Fish Society

[SunkenCiv]

Alewives?